What is this kind of spamming and how to prevent

Forum Moderators: phranque

Message Too Old, No Replies

What is this kind of spamming and how to prevent

newbies

1:06 am on Jan 23, 2012 (gmt 0)

Hi,

My site has two sections have user signup feature. Recently, I noticed spammers take the pain to fill up the signup form using fake email addresses (mostly gmail such as r.y.vil.l.eSperr.yv.i.lle@gmail.com). The signup forms only require users to provide user name, password, email address and captcha is used in one of the forms. The only damage i could notice is receiving a few delivery failure notices everday day from the recipient mail server (such as gmail). I tried banned the iP addresses used by the spammers but that did not stop them.

I just don't understand why the spammers want to do that, what benefits they gain and what damage may have to my site.

Thank you for your input.

lucy24

2:54 am on Jan 23, 2012 (gmt 0)

If there were no captcha, and also no e-mail confirmation, then they would go straight into your site and put up a bunch of spammy posts. Or whatever it is that they have to register for.

I assume they have to get past the captcha before they're allowed to do anything. And also answer the e-mail. So it's a stupid and/or lazy robot-- or a busy robot looking for stupid and/or lazy site hosts ;)

If you operate at robot speeds you can get a lot done simply by running around the Internet rattling doorknobs. Sometimes the owner left something unlocked.

newbies

4:33 am on Jan 23, 2012 (gmt 0)

Thanks for your reply.

One of the sections is forum registration with captcha and requires email validation before an account is activated. The spammers trying to exploit it should have known that using fake email won't lead them anywhere. Why do they just keep doing that?

Marshall

5:03 am on Jan 23, 2012 (gmt 0)

Why do they just keep doing that?

With the advent of CAPTCHA, companies now employ very low paid people to spam sites. They're paid on quantity, not quality.

Marshall

rocknbil

5:45 pm on Jan 23, 2012 (gmt 0)

I noticed spammers take the pain to fill up the signup form using fake email addresses (mostly gmail such as r.y.vil.l.eSperr.yv.i.lle@gmail.com).

Actually they don't take the time. Once they know the location of the form, they point a bot (robot, a program, a script at it.)

I tried banned the iP addresses used by the spammers but that did not stop them.

Most often, these are compromised servers anyway and IP banning is an endless chase.

CAPTCHA's are a waste of time (and present unnecessary barriers to your users.) They can be circumnavigated.

There are lots of discussions on this board to understand the why, and how to stop it. Start here [webmasterworld.com].

Planet13

6:52 pm on Jan 27, 2012 (gmt 0)

The spammers trying to exploit it should have known that using fake email won't lead them anywhere. Why do they just keep doing that?

Because many web masters who use the same forum software as you do DON'T require email validation. So there are many sites using the same software as you are suing that allow spammers to post spam links to other sites.

It is much easier for them to just blast ALL the sites that use the same software instead of taking the time to find out whether each individual site allows for posting without first requiring email validation.

newbies

5:14 am on Jan 29, 2012 (gmt 0)

Because many web masters who use the same forum software as you do DON'T require email validation.

That makes sense.